pi-gsd 2.0.1 → 2.0.2

package/src/wxp/executor.ts

@@ -1,191 +0,0 @@
-import fs from "node:fs";
-import path from "node:path";
-import { executeShell, WxpShellError, resolveArgNode } from "./shell.js";
-import { executeStringOp } from "./string-ops.js";
-import { evaluateCondition, evaluateWhere, evaluateCondExprNode, CONDITION_OPS } from "./conditions.js";
-import { resolveTrustedEntry } from "./security.js";
-import type { XmlNode, WxpExecContext } from "../schemas/wxp.zod.js";
-import type { VariableStore } from "./variables.js";
-
-export class WxpExecutionError extends Error {
-  constructor(
-    public readonly cause: Error,
-    public readonly variableSnapshot: Record<string, string>,
-    message: string,
-  ) {
-    super(message);
-    this.name = "WxpExecutionError";
-  }
-}
-
-// ─── <display> ───────────────────────────────────────────────────────────────
-
-function execDisplay(node: XmlNode, vars: VariableStore, ctx: WxpExecContext): void {
-  const msg = (node.attrs["msg"] ?? "").replace(
-    /\{([^}]+)\}/g,
-    (_, name: string) => vars.resolve(name) ?? "",
-  );
-  const level = node.attrs["level"];
-  ctx.onDisplay(msg, level === "warning" || level === "error" ? level : "info");
-}
-
-// ─── <json-parse> ────────────────────────────────────────────────────────────
-
-function execJsonParse(node: XmlNode, vars: VariableStore): void {
-  const src  = node.attrs["src"]  ?? "";
-  const out  = node.attrs["out"]  ?? "";
-  const pathStr = node.attrs["path"];
-
-  const jsonStr = vars.get(src);
-  if (jsonStr === undefined) throw new Error(`<json-parse>: source variable '${src}' is not defined`);
-
-  let parsed: unknown;
-  try { parsed = JSON.parse(jsonStr); } catch {
-    throw new Error(`<json-parse>: '${src}' does not contain valid JSON`);
-  }
-
-  if (pathStr) {
-    const parts = pathStr.replace(/^\$\.?/, "").split(".");
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any -- JSON traversal
-    let cur: any = parsed;
-    for (const key of parts) {
-      if (cur === null || typeof cur !== "object") throw new Error(`<json-parse>: path '${pathStr}' not found`);
-      cur = cur[key];
-    }
-    parsed = cur;
-  }
-
-  if (Array.isArray(parsed)) {
-    vars.setArray(out, parsed.map((item) => typeof item === "string" ? item : JSON.stringify(item)));
-  } else if (parsed !== null && typeof parsed === "object") {
-    vars.set(out, JSON.stringify(parsed), undefined);
-  } else {
-    vars.set(out, parsed === undefined || parsed === null ? "" : String(parsed), undefined);
-  }
-}
-
-// ─── <read-file> ─────────────────────────────────────────────────────────────
-
-function execReadFile(node: XmlNode, vars: VariableStore): void {
-  const filePath = node.attrs["path"] ?? "";
-  const out      = node.attrs["out"]  ?? "";
-  const content  = fs.readFileSync(path.resolve(filePath), "utf8");
-  vars.set(out, content, undefined);
-}
-
-// ─── <write-file> ────────────────────────────────────────────────────────────
-
-function execWriteFile(node: XmlNode, vars: VariableStore, ctx: WxpExecContext): void {
-  const filePath = node.attrs["path"] ?? "";
-  const src      = node.attrs["src"]  ?? "";
-  const resolved = path.resolve(filePath);
-
-  // Create-only: never overwrite
-  if (fs.existsSync(resolved)) {
-    throw new Error(`<write-file>: '${filePath}' already exists (create-only, never overwrites)`);
-  }
-
-  // Reject writes targeting trusted harness paths
-  for (const entry of ctx.config.trustedPaths) {
-    const abs = resolveTrustedEntry(entry, ctx.projectRoot, ctx.pkgRoot);
-    if (resolved.startsWith(abs + path.sep) || resolved === abs) {
-      throw new Error(`<write-file>: cannot write to trusted harness path '${filePath}'`);
-    }
-  }
-
-  const content = vars.get(src) ?? "";
-  fs.mkdirSync(path.dirname(resolved), { recursive: true });
-  fs.writeFileSync(resolved, content, "utf8");
-}
-
-// ─── <for-each> ──────────────────────────────────────────────────────────────
-
-function execForEach(node: XmlNode, vars: VariableStore, ctx: WxpExecContext): void {
-  const varName  = node.attrs["var"]  ?? "";
-  const itemName = node.attrs["item"] ?? "";
-
-  const whereNode  = node.children.find((c) => c.tag === "where");
-  const sortByNode = node.children.find((c) => c.tag === "sort-by");
-  const bodyNodes  = node.children.filter((c) => c.tag !== "where" && c.tag !== "sort-by");
-
-  let items = vars.getArray(varName);
-  if (!items) return; // Missing array is not an error — may be conditional
-
-  // Filter
-  if (whereNode) {
-    items = items.filter((itemJson) => {
-      vars.set(itemName, itemJson, undefined);
-      return evaluateWhere(whereNode, vars);
-    });
-  }
-
-  // Sort
-  if (sortByNode) {
-    const key   = sortByNode.attrs["key"]   ?? "";
-    const type  = sortByNode.attrs["type"]  ?? "string";
-    const order = sortByNode.attrs["order"] ?? "asc";
-
-    items = [...items].sort((aJson, bJson) => {
-      vars.set(itemName, aJson, undefined);
-      const aVal = vars.resolve(`${itemName}.${key}`) ?? vars.resolve(key) ?? "";
-      vars.set(itemName, bJson, undefined);
-      const bVal = vars.resolve(`${itemName}.${key}`) ?? vars.resolve(key) ?? "";
-
-      const cmp = type === "number"
-        ? Number(aVal) - Number(bVal)
-        : aVal.localeCompare(bVal);
-      return order === "desc" ? -cmp : cmp;
-    });
-  }
-
-  for (const itemJson of items) {
-    vars.set(itemName, itemJson, undefined);
-    for (const child of bodyNodes) executeNode(child, vars, ctx);
-  }
-}
-
-// ─── Dispatcher ───────────────────────────────────────────────────────────────
-
-export function executeNode(node: XmlNode, vars: VariableStore, ctx: WxpExecContext): void {
-  switch (node.tag) {
-    case "shell":      executeShell(node, vars, ctx.config); break;
-    case "string-op":  executeStringOp(node, vars);          break;
-    case "json-parse": execJsonParse(node, vars);             break;
-    case "read-file":  execReadFile(node, vars);              break;
-    case "write-file": execWriteFile(node, vars, ctx);        break;
-    case "display":    execDisplay(node, vars, ctx);          break;
-    case "for-each":   execForEach(node, vars, ctx);          break;
-
-    case "if": {
-      const branch   = evaluateCondition(node, vars);
-      const thenNode = node.children.find((c) => c.tag === "then");
-      const elseNode = node.children.find((c) => c.tag === "else");
-      const taken    = branch ? thenNode : elseNode;
-      if (taken) for (const child of taken.children) executeNode(child, vars, ctx);
-      break;
-    }
-
-    case "gsd-execute":
-      executeBlock(node, vars, ctx);
-      break;
-
-    default:
-      // paste, arguments, include, version — handled by resolution loop in index.ts
-      break;
-  }
-}
-
-/** Execute all children of a container node (<gsd-execute>, <then>, <else>). */
-export function executeBlock(node: XmlNode, vars: VariableStore, ctx: WxpExecContext): void {
-  try {
-    for (const child of node.children) executeNode(child, vars, ctx);
-  } catch (err) {
-    if (err instanceof WxpShellError || err instanceof Error) {
-      throw new WxpExecutionError(err, vars.snapshot(), `Execution failed: ${err.message}`);
-    }
-    throw err;
-  }
-}
-
-// Re-export for conditions used outside executor (index.ts for-each where clause)
-export { evaluateCondExprNode, CONDITION_OPS };

package/src/wxp/index.ts

@@ -1,191 +0,0 @@
-import fs from "node:fs";
-import path from "node:path";
-import { extractWxpTags, spliceContent, extractCodeFenceRegions, inDeadZone } from "./parser.js";
-import { createVariableStore } from "./variables.js";
-import { parseArguments } from "./arguments.js";
-import { executeBlock } from "./executor.js";
-import { applyPaste, WxpPasteError } from "./paste.js";
-import { checkTrustedPath } from "./security.js";
-import type {
-  WxpSecurityConfig,
-  WxpExecContext,
-  DisplayLevel,
-  DisplayCallback,
-} from "../schemas/wxp.zod.js";
-
-export { WxpExecutionError } from "./executor.js";
-export { WxpShellError } from "./shell.js";
-export { WxpPasteError } from "./paste.js";
-export { WxpStringOpError } from "./string-ops.js";
-export { WxpArgumentsError } from "./arguments.js";
-export type { DisplayCallback, DisplayLevel, WxpExecContext };
-
-const MAX_ITERATIONS = 50;
-const NOOP_DISPLAY: DisplayCallback = () => {};
-
-export class WxpProcessingError extends Error {
-  constructor(
-    public readonly filePath: string,
-    public readonly cause: Error,
-    public readonly variableSnapshot: Record<string, string>,
-    public readonly pendingOperations: string[],
-    public readonly completedOperations: string[],
-  ) {
-    super(
-      [
-        `WXP Processing Error`,
-        `File: ${filePath}`,
-        `Error: ${cause.message}`,
-        `Variable Namespace: ${JSON.stringify(variableSnapshot, null, 2)}`,
-        `Pending Operations: [${pendingOperations.join(", ")}]`,
-        `Completed Operations: [${completedOperations.join(", ")}]`,
-      ].join("\n"),
-    );
-    this.name = "WxpProcessingError";
-  }
-}
-
-export function processWxp(
-  content: string,
-  filePath: string,
-  config: WxpSecurityConfig,
-  projectRoot: string,
-  pkgRoot: string,
-  rawArguments = "",
-  onDisplay: DisplayCallback = NOOP_DISPLAY,
-): string {
-  const pathCheck = checkTrustedPath(filePath, config, projectRoot, pkgRoot);
-  if (!pathCheck.ok) {
-    throw new WxpProcessingError(filePath, new Error(pathCheck.reason), {}, [], []);
-  }
-  return runLoop(content, filePath, config, projectRoot, pkgRoot, rawArguments, onDisplay);
-}
-
-export function processWxpTrustedContent(
-  content: string,
-  virtualFilePath: string,
-  config: WxpSecurityConfig,
-  projectRoot: string,
-  pkgRoot: string,
-  rawArguments = "",
-  onDisplay: DisplayCallback = NOOP_DISPLAY,
-): string {
-  const trusted: WxpSecurityConfig = {
-    ...config,
-    trustedPaths: [
-      ...config.trustedPaths,
-      { position: "absolute", path: path.dirname(path.resolve(virtualFilePath)) },
-    ],
-  };
-  return runLoop(content, virtualFilePath, trusted, projectRoot, pkgRoot, rawArguments, onDisplay);
-}
-
-function runLoop(
-  content: string,
-  filePath: string,
-  config: WxpSecurityConfig,
-  projectRoot: string,
-  pkgRoot: string,
-  rawArguments: string,
-  onDisplay: DisplayCallback,
-): string {
-  const vars = createVariableStore();
-  const done: string[] = [];
-  let current = content;
-
-  const ctx: WxpExecContext = { config, projectRoot, pkgRoot, onDisplay };
-
-  for (let i = 0; i < MAX_ITERATIONS; i++) {
-    const tags   = extractWxpTags(current);
-    const active = tags.filter((t) => t.node.tag !== "gsd-version");
-    if (active.length === 0) break;
-
-    const pending = active.map((t) => t.node.tag);
-
-    try {
-      let progress = false;
-
-      // 1. <gsd-include>
-      for (const tag of extractWxpTags(current)) {
-        if (tag.node.tag !== "gsd-include") continue;
-        if (inDeadZone(tag.start, extractCodeFenceRegions(current))) continue;
-
-        const incPath = tag.node.attrs["path"];
-        if (!incPath) continue;
-
-        const abs   = path.resolve(path.dirname(filePath), incPath);
-        const check = checkTrustedPath(abs, config, projectRoot, pkgRoot);
-        if (!check.ok) throw new Error(`Include rejected: ${check.reason}`);
-
-        const included = fs.readFileSync(abs, "utf8");
-        const stem     = path.basename(abs, path.extname(abs));
-
-        // INC-02: arg mappings from <gsd-arguments> child
-        for (const child of tag.node.children) {
-          if (child.tag !== "gsd-arguments") continue;
-          for (const arg of child.children.filter((c) => c.tag === "arg")) {
-            const from = arg.attrs["name"];
-            const to   = arg.attrs["as"];
-            if (from && to) {
-              const val = vars.get(from);
-              if (val !== undefined) vars.set(to, val, stem);
-            }
-          }
-        }
-
-        const appendArgs = "include-arguments" in tag.node.attrs ? `\n${rawArguments}` : "";
-        current = spliceContent(current, tag.start, tag.end, included + appendArgs);
-        done.push("gsd-include");
-        progress = true;
-        break;
-      }
-      if (progress) continue;
-
-      // 2. <gsd-arguments>
-      for (const tag of extractWxpTags(current)) {
-        if (tag.node.tag !== "gsd-arguments") continue;
-        if (inDeadZone(tag.start, extractCodeFenceRegions(current))) continue;
-
-        parseArguments(tag.node, rawArguments, vars);
-        current = spliceContent(current, tag.start, tag.end, "");
-        done.push("gsd-arguments");
-        progress = true;
-        break;
-      }
-      if (progress) continue;
-
-      // 3. <gsd-execute>
-      for (const tag of extractWxpTags(current)) {
-        if (tag.node.tag !== "gsd-execute") continue;
-        if (inDeadZone(tag.start, extractCodeFenceRegions(current))) continue;
-
-        executeBlock(tag.node, vars, ctx);
-        current = spliceContent(current, tag.start, tag.end, "");
-        done.push("gsd-execute");
-        progress = true;
-        break;
-      }
-      if (progress) continue;
-
-      // 4. <gsd-paste>
-      const after = applyPaste(current, vars);
-      if (after !== current) { current = after; done.push("gsd-paste"); continue; }
-
-      break; // no progress
-    } catch (err) {
-      if (err instanceof WxpProcessingError) throw err;
-      const e = err instanceof Error ? err : new Error(String(err));
-      throw new WxpProcessingError(filePath, e, vars.snapshot(), pending, done);
-    }
-  }
-
-  return current;
-}
-
-export function readWorkflowVersionTag(
-  content: string,
-): { version: string; doNotUpdate: boolean } | null {
-  const m = /<gsd-version\s+v="([^"]+)"(\s+do-not-update)?\s*\/>/.exec(content);
-  if (!m) return null;
-  return { version: m[1], doNotUpdate: Boolean(m[2]) };
-}

package/src/wxp/parser.ts

@@ -1,198 +0,0 @@
-/**
- * parser.ts — Recursive-descent XML parser for WXP markdown documents.
- *
- * Parses WXP tags embedded in markdown. Code-fence regions are dead zones
- * where no tags are processed (WXP-01).
- */
-
-import type { XmlNode } from "../schemas/wxp.zod.js";
-
-// ─── Code-fence skip ──────────────────────────────────────────────────────────
-
-export function extractCodeFenceRegions(content: string): Array<[number, number]> {
-  const regions: Array<[number, number]> = [];
-  const re = /^```[^\n]*\n[\s\S]*?^```/gm;
-  let m: RegExpExecArray | null;
-  while ((m = re.exec(content)) !== null) {
-    regions.push([m.index, m.index + m[0].length]);
-  }
-  return regions;
-}
-
-export function inDeadZone(pos: number, regions: Array<[number, number]>): boolean {
-  return regions.some(([s, e]) => pos >= s && pos < e);
-}
-
-// ─── Attribute parser ─────────────────────────────────────────────────────────
-
-/**
- * Parse XML attribute string into a Record.
- * Handles: key="value", key='value', bare-key (boolean attribute)
- */
-export function parseAttrs(raw: string): Record<string, string> {
-  const attrs: Record<string, string> = {};
-  // Match key="val", key='val', or bare key
-  const re = /([a-zA-Z0-9_:-]+)(?:=(?:"([^"]*)"|'([^']*)'|([^\s/>]*)))?/g;
-  let m: RegExpExecArray | null;
-  while ((m = re.exec(raw)) !== null) {
-    const key = m[1];
-    const val = m[2] ?? m[3] ?? m[4] ?? ""; // empty string = boolean attribute
-    attrs[key] = val;
-  }
-  return attrs;
-}
-
-// ─── Recursive XML tokeniser ──────────────────────────────────────────────────
-
-interface ParseResult {
-  node: XmlNode;
-  end: number; // index in content after closing tag
-}
-
-/**
- * Parse a single XML element starting at `pos` in `content`.
- * Uses a proper attribute-aware regex so self-closing `/>` is correctly detected.
- */
-function parseElement(content: string, pos: number): ParseResult | null {
-  if (content[pos] !== "<") return null;
-
-  // Proper attribute pattern: each attr is name or name=value (quoted or unquoted)
-  // This ensures the `/` in `/>` is NOT consumed by the attrs group.
-  const tagRe = /^<([a-zA-Z0-9_:-]+)((?:\s+[a-zA-Z0-9_:-]+(?:=(?:"[^"]*"|'[^']*'|[^\s/>]*))?)*)?\s*(\/??>)/;
-  const slice = content.slice(pos);
-  const m = tagRe.exec(slice);
-  if (!m) return null;
-
-  const tag = m[1];
-  const rawAttrs = (m[2] ?? "").trim();
-  const closing = m[3];
-  const attrs = parseAttrs(rawAttrs);
-
-  if (closing === "/>") {
-    // Self-closing
-    return {
-      node: { tag, attrs, children: [], selfClosing: true },
-      end: pos + m[0].length,
-    };
-  }
-
-  // Opening tag — find matching closing tag, handling nesting
-  let cursor = pos + m[0].length;
-  const children: XmlNode[] = [];
-  const closeTag = `</${tag}>`;
-
-  while (cursor < content.length) {
-    // Look for next < to check if it's a child element or closing tag
-    const nextOpen = content.indexOf("<", cursor);
-    if (nextOpen === -1) break;
-
-    // Check for closing tag
-    if (content.startsWith(closeTag, nextOpen)) {
-      return {
-        node: { tag, attrs, children, selfClosing: false },
-        end: nextOpen + closeTag.length,
-      };
-    }
-
-    // Check for comment <!-- ... -->
-    if (content.startsWith("<!--", nextOpen)) {
-      const commentEnd = content.indexOf("-->", nextOpen + 4);
-      cursor = commentEnd !== -1 ? commentEnd + 3 : content.length;
-      continue;
-    }
-
-    // Try to parse child element
-    const child = parseElement(content, nextOpen);
-    if (child) {
-      children.push(child.node);
-      cursor = child.end;
-    } else {
-      cursor = nextOpen + 1;
-    }
-  }
-
-  // Unclosed tag — return what we have
-  return {
-    node: { tag, attrs, children, selfClosing: false },
-    end: cursor,
-  };
-}
-
-// ─── Top-level WXP tag extraction ────────────────────────────────────────────
-
-const WXP_TOP_TAGS = new Set([
-  "gsd-execute",
-  "gsd-arguments",
-  "gsd-paste",
-  "gsd-include",
-  "gsd-version",
-]);
-
-export interface WxpTagMatch {
-  node: XmlNode;
-  /** Start index in original content */
-  start: number;
-  /** End index (exclusive) in original content */
-  end: number;
-}
-
-/**
- * Extract all top-level WXP tags from markdown content.
- * Skips code-fence regions.
- * Returns matches in document order.
- */
-export function extractWxpTags(content: string): WxpTagMatch[] {
-  const deadZones = extractCodeFenceRegions(content);
-  const matches: WxpTagMatch[] = [];
-
-  // Scan for < characters that could start a WXP tag
-  const tagStartRe = /<(gsd-[a-zA-Z0-9_-]+)/g;
-  let m: RegExpExecArray | null;
-
-  while ((m = tagStartRe.exec(content)) !== null) {
-    const pos = m.index;
-    if (inDeadZone(pos, deadZones)) continue;
-
-    const tagName = m[1];
-    if (!WXP_TOP_TAGS.has(tagName)) continue;
-
-    const result = parseElement(content, pos);
-    if (!result) continue;
-
-    matches.push({ node: result.node, start: pos, end: result.end });
-    // Advance regex past this element to avoid re-scanning its contents
-    tagStartRe.lastIndex = result.end;
-  }
-
-  return matches;
-}
-
-// ─── Specific node extractors ─────────────────────────────────────────────────
-
-/** Replace a WXP tag span in content with a replacement string. */
-export function spliceContent(
-  content: string,
-  start: number,
-  end: number,
-  replacement: string,
-): string {
-  return content.slice(0, start) + replacement + content.slice(end);
-}
-
-/** Remove all unprocessed WXP tags from content (final strip step). */
-export function stripWxpTags(content: string): string {
-  const deadZones = extractCodeFenceRegions(content);
-  const tags = extractWxpTags(content);
-
-  // Strip right-to-left to preserve indices
-  let result = content;
-  let offset = 0;
-  for (const tag of tags) {
-    if (inDeadZone(tag.start, deadZones)) continue;
-    const adjustedStart = tag.start + offset;
-    const adjustedEnd = tag.end + offset;
-    result = result.slice(0, adjustedStart) + result.slice(adjustedEnd);
-    offset += -(tag.end - tag.start);
-  }
-  return result;
-}

package/src/wxp/paste.ts

@@ -1,51 +0,0 @@
-import { extractCodeFenceRegions, inDeadZone } from "./parser.js";
-import type { VariableStore } from "./variables.js";
-
-export class WxpPasteError extends Error {
-  constructor(
-    public readonly variableName: string,
-    public readonly variableSnapshot: Record<string, string>,
-  ) {
-    super(
-      `<gsd-paste name="${variableName}" /> references undefined variable '${variableName}'`,
-    );
-    this.name = "WxpPasteError";
-  }
-}
-
-/**
- * Replace all <gsd-paste name="X" /> tags in content with variable values.
- * - Tags inside code fences are NOT replaced.
- * - If any referenced variable is undefined → throws WxpPasteError (no partial output).
- * - Replacement is right-to-left to preserve indices.
- */
-export function applyPaste(content: string, vars: VariableStore): string {
-  const deadZones = extractCodeFenceRegions(content);
-  const pasteRe = /<gsd-paste\s+name="([^"]+)"\s*\/>/g;
-
-  const matches: Array<{ index: number; full: string; name: string }> = [];
-  let m: RegExpExecArray | null;
-  while ((m = pasteRe.exec(content)) !== null) {
-    if (!inDeadZone(m.index, deadZones)) {
-      matches.push({ index: m.index, full: m[0], name: m[1] });
-    }
-  }
-
-  // Validate all before replacing anything (atomic — no partial output)
-  for (const match of matches) {
-    if (vars.get(match.name) === undefined) {
-      throw new WxpPasteError(match.name, vars.snapshot());
-    }
-  }
-
-  // Replace right-to-left
-  let result = content;
-  for (let i = matches.length - 1; i >= 0; i--) {
-    const match = matches[i];
-    const value = vars.get(match.name) as string;
-    result =
-      result.slice(0, match.index) + value + result.slice(match.index + match.full.length);
-  }
-
-  return result;
-}